{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-009387.html",
  "dc:date": "2019-08-27T16:48+09:00",
  "dcterms:issued": "2018-11-19T15:44+09:00",
  "dcterms:modified": "2019-08-27T16:48+09:00",
  "description": "Mizuho Bank Mizuho Direct App for Android fails to verify SSL server certificates.\r\n\r\nMizuho Bank Mizuho Direct App for Android provided by Mizuho Bank, Ltd. fails to verify SSL server certificates (CWE-295).\r\n\r\nReo Yoshida reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
  "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-009387.html",
  "sec:cpe": {
    "#text": "cpe:/a:mizuhobank:mizuho_direct_application",
    "@product": "Mizuho Direct App",
    "@vendor": "Mizuho Bank, Ltd.",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "4.0",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "4.8",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2018-009387",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU91640357/index.html",
      "@id": "JVNVU#91640357",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16179",
      "@id": "CVE-2018-16179",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-16179",
      "@id": "CVE-2018-16179",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/295.html",
      "@id": "CWE-295",
      "@title": "Improper Certificate Validation(CWE-295)"
    }
  ],
  "title": "Mizuho Bank Mizuho Direct App for Android fails to verify SSL server certificates"
}